Re: Again: Pix VPN & Routing
- From: "Erik Tamminga" <thisiskept@xxxxxxxxxxx>
- Date: Sat, 3 Sep 2005 12:36:25 +0200
Hi,
Routing of traffic on the pix adheres to the routes found in the routing
table.
So if you'd like traffic to certain networks to go out the inside interface,
add routes for these nets to the routing table.
As far as I know there is no option to route based on source address on the
PIX. (as to policy routing on IOS).
Erik
"Christoph Gartmann" <gartmann@xxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:df156k$l9h$1@xxxxxxxxxxxxxxxxx
> In article <11h7u0vc34pnq40@xxxxxxxxxxxxxxxxxx>, "Megane"
> <debergjesREMOVETHIS@xxxxxxxxxxx> writes:
>>isakmp nat-traversal 20
>>
>
> This helped partially. Now Road-Warrior is able to reach hosts in the LAN
> or
> those nets that have a dedicated route towards inside. But still traffic
> from
> Road-Warrior to hosts that are not part of our LAN go directly through the
> outside interface and not through the inside interface.
>
> Thus is there a way for some sort of policy routing in the Pix, e.g.
> everything
> originating from address 10.1.5.79 (= addresses from the local pool)
> should be
> routed towards the inside interface?
>
> Regards,
> Christoph Gartmann
>
> --
> Max-Planck-Institut fuer Phone : +49-761-5108-464 Fax: -452
> Immunbiologie
> Postfach 1169 Internet: gartmann@immunbio dot mpg dot de
> D-79011 Freiburg, Germany
> http://www.immunbio.mpg.de/home/menue.html
.
- Prev by Date: Re: pix outgoing acl w/ vpn
- Next by Date: Re: how to stop denial of service in a 1700 router
- Previous by thread: Any good CD-based e-learning?
- Next by thread: Re: Again: Pix VPN & Routing
- Index(es):
Relevant Pages
|
